Identity Resources Identity resources contain identity information that is used to authorize a connection. The responder (or server) in an SSL connection request must have an identity, but the initiator (or client) must also have an identity. The Identity resource can be used to store one of the following types of identities: • Username/ Password • Certificate/Private Key • Identity File The following sections describe each kind of identity and when each is used. Username/ Password This type of identity is used to store a username and password. This is useful when only basic client authentication is needed. This type of identity is not typically used within TIBCO ActiveMatrix BusinessWorks processes. Certificate/Private Key Use this type of identity when the public key and the certificate are stored in two separate files. Typically certificates are stored in Privacy-enhanced Electronic Mail (PEM) format. The URL for the certificate and key must be provided, as well as the password for the key. This type of identity is used when TIBCO ActiveMatrix BusinessWorks acts either as the initiator or responder in an SSL connection. Identity File Use this type of identity when the certificate includes the public key information in the certificate file. The URL and file type of the certificate must be provided, as well as the password for the key. The certificate can be one of the following types of formats: • Entrust — Entrust file format. • JCEKS — Java Cryptography Extension Key Store file format. • JKS — Java Key Store file format. • PEM — Privacy-enhanced Electronic Mail file format. • PKCS12 — Public Key Cryptography Standard (12) file format.
